Tech Firms Raid Security Flaws with ‘Bug Bounty’ Programs

In the security world, “bug bounty” programs are becoming more common, from Facebook to the Department of Defense. Hackers who can reveal the hidden vulnerabilities of a device, system or corporation can reap significant financial rewards. Apple launched its program in 2016 and offers payouts of up to $1 million for the most elusive flaws. The tech giant reportedly spent $3.7 million on such exercises in the 12-month period ending in July 2021, during which time Google shelled out $6.7 million and Microsoft spent $13.6 million. Such programs have become a valuable tool in security maintenance, putting hackers’ inquisitive natures to productive use.  Continue reading Tech Firms Raid Security Flaws with ‘Bug Bounty’ Programs

Apple is the Latest Tech Giant to Launch Bug Bounty Program

Apple has announced its new “security bounty” initiative that will offer payments up to $200,000 to any hackers who inform the company about critical vulnerabilities to its products. In doing so, Apple joins major tech companies that have similar programs in place. Alphabet, Facebook and Microsoft “have paid out millions of dollars in bug bounties over the past few years,” reports The Wall Street Journal. Automobile companies such as Tesla and GM are also introducing bounty programs as vehicles are relying more on software to control their systems. Continue reading Apple is the Latest Tech Giant to Launch Bug Bounty Program

Security: Facebook Pays $40,000 to Hackers in Bug Bounty Scheme

  • Facebook has already paid out $40,000 to hackers for identifying flaws in its website, just three weeks after the social networker launched its “Bug Bounty” program that offers compensation for finding vulnerabilities in the site’s code.
  • “Schemes such as Facebook’s illustrate the push towards greater disclosure of security weaknesses and hacking incidents, as the technology industry strives to pool its resources to protect itself better,” reports The Financial Times. “The approach has won praise from digital advocacy groups such as the Electronic Frontier Foundation.”
  • “The program has also been great because it has made our site more secure — by surfacing issues large and small, introducing us to novel attack vectors, and helping us improve lots of corners in our code,” explained Joe Sullivan, Facebook’s chief security officer.
  • Facebook joins others such as Google, Mozilla and HP that have programs in place to offer payments to outsiders who identify vulnerabilities.